Even if the software itself does not include malware, it could be present on the websites or peer-to-peer networks from which it was taken and infect user PCs during the download.

In addition, when authentication codes are needed to activate the software they are often available on counterfeit sites that are infected. There are even instances where malware is delivered through normal channels.

It estimates that the direct costs to business of cleaning up malware will amount to $114 billion this year, and potential losses from data breaches could be close to $350 billion.

According to BSA The Software Alliance, 42 per cent of the software packages installed in PCs around the world in 2011 was pirated.

Criminal activity

David Finn, Associate General Counsel for Microsoft Cybercrime Centre, said in a blogpost on the report that it mirrors the findings of the company's own investigators.

"My team of investigators, analysts and attorneys (many of them former prosecutors and law enforcement officials) has been probing the dark world of software piracy for almost 15 years, and the detailed research from the IDC and our forensic experts mirrors what we have increasingly seen: software piracy often means nasty criminal activity and danger," he says.

Finn said that Microsoft's response is to urge buyers to play it safe, asking questions, investigating packaging that does not look right, and being cautious when prices look too good to be true.

He added that users who realise they have malware should go back to the dealers and if relevant report it to Microsoft.

The IDC report was based on lab tests on 353 websites and two surveys across 10 countries including the UK, one of 1,104 consumers and 973 business users, the other of 268 IT managers and chief information officers.